<?php
// $autoload holds the string '0' (not the integer 0); what reads it is not visible in this file.
$autoload = '0';
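/**
 * Handle the "contact a user" form: mail the visitor's message to the account
 * selected by $_POST['admin'], then redirect and end the request.
 *
 * Reads $_POST['admin'], ['code'], ['mail'], ['contact'] and ['url'],
 * $_SESSION['redirect_1'] / ['redirect_2'], $_SERVER['HTTP_HOST'] and the
 * global $conf / $lang arrays. Every path ends in redirect() followed by exit,
 * so the function never returns a value.
 *
 * The message is sent only when the recipient's group type is 2 or its group
 * id is 3 (the meaning of those values is not visible in this file).
 *
 * Security-relevant handling of request data:
 *  - the recipient id is accepted only as a plain decimal number, because it
 *    is placed unquoted in the SQL text;
 *  - the sender address is refused when it contains CR or LF, because it is
 *    copied into the additional-headers argument of mail();
 *  - a posted 'url' is used only when it begins with '/', so it cannot alter
 *    the host part of the link shown to the recipient.
 */
function contact()
{
	global $conf, $lang;

	// Kept from the original. What SQLvalidate() does (and whether it changes
	// its argument) is not visible here, so the checks below do not rely on it.
	SQLvalidate($_POST['admin']);

	// Accept the recipient id only as digits; anything else (arrays, signs,
	// whitespace, SQL fragments) is treated like a missing id.
	$adminRaw = isset($_POST['admin']) ? $_POST['admin'] : '';
	if (is_int($adminRaw)) {
		$adminId = $adminRaw;
	} elseif (is_string($adminRaw) && preg_match('/^[0-9]+$/D', $adminRaw)) {
		$adminId = (int) $adminRaw;
	} else {
		$adminId = 0;
	}

	$code = isset($_POST['code']) ? $_POST['code'] : '';

	// As in the original, checkCode() is only consulted when an id was given.
	if ($adminId <= 0 || !checkCode($code)) {
		redirect($_SESSION['redirect_1']);
		exit;
	}

	$db = new dbquery;
	$db->query("SELECT * FROM $conf[prefix_users]users WHERE id=$adminId") or $db->err(__FILE__, __LINE__);
	$d = $db->fetch_object();

	// No matching row (presumably a non-object result - confirm against
	// dbquery): treat it like a recipient that may not be contacted.
	if (!is_object($d)) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$type = get_group_type($d->gid);

	if ($type != 2 && $d->gid != 3) {
		redirect('index.php?module=error&error=auth_error');
		exit;
	}

	$sender = (isset($_POST['mail']) && is_string($_POST['mail'])) ? $_POST['mail'] : '';
	$contactRaw = (isset($_POST['contact']) && is_string($_POST['contact'])) ? $_POST['contact'] : '';
	$message = read_text_mail($contactRaw);

	// The sender ends up in a mail header, so line breaks are rejected here
	// regardless of what verify_mail() tolerates.
	if (!$message || strpbrk($sender, "\r\n") !== false || !verify_mail($sender)) {
		redirect('index.php?module=error&error=contact_error1');
		exit;
	}

	// Only a site-relative path may follow the host name; otherwise fall back
	// to the page remembered in the session, as when no url was posted.
	$path = '';
	if (isset($_POST['url']) && is_string($_POST['url']) && $_POST['url']) {
		$path = read_text_mail($_POST['url']);
	}
	if (!is_string($path) || substr($path, 0, 1) !== '/') {
		$path = $_SESSION['redirect_2'];
	}

	// NOTE(review): HTTP_HOST is taken from the request, so the host in this
	// link is client-supplied. A configured site address would be safer;
	// $conf['adress'] exists but its format is not visible here - confirm.
	$url = 'http://' . $_SERVER['HTTP_HOST'] . $path;

	$admin_mail_text = string_template($lang['admin_mail_text'], array('mail' => $sender, 'contact' => $message, 'url' => $url));
	$admin_mail_title = string_template($lang['admin_mail_title'], array('adress' => $conf['adress']));

	// Delivery stays best-effort as in the original: warnings are suppressed
	// and the result is not checked before the thank-you redirect.
	@mail($d->mail, $admin_mail_title, $admin_mail_text, 'FROM: ' . $sender . "\r\n\r\n");

	redirect('index.php?module=info&info=contact_thx');
	exit;
}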
?>
